The FBI has issued a critical alert, highlighting an alarming rise in malware-driven ATM jackpotting attacks across the United States, culminating in significant financial losses. In a recent report, the FBI disclosed that, of the nearly 1,900 incidents recorded since 2020, over 700 occurred in 2025 alone, resulting in losses surpassing $20 million.
Understanding ATM Jackpotting Attacks
ATM jackpotting involves gaining physical access to an ATM to install malware. This malware manipulates the machine’s cash-dispensing module to release funds illicitly. Such attacks have prompted U.S. authorities to intensify their crackdown, leading to prosecutions of numerous individuals, notably including several Venezuelan nationals, who may face deportation.
The Role of Ploutus Malware
While various malware families are implicated in these attacks, Ploutus remains the most prevalent. Despite its peak activity in 2017 and 2018, Ploutus has resurfaced as a significant threat. A map published by the Justice Department last year indicated its persistent activity across the U.S., and the FBI’s latest findings confirm its widespread use.
Once installed, Ploutus grants attackers direct control over an ATM, enabling rapid cash withdrawals that often go undetected until the money is already gone. The malware exploits the Windows operating system and adapts to ATMs from different manufacturers, which further complicates mitigation efforts.
Preventative Measures and Challenges
To counter these threats, the FBI’s alert includes indicators of compromise (IoCs) to assist organizations in identifying potential attacks, alongside recommended preventive measures. However, Ploutus poses a unique challenge due to its capability to autonomously erase traces of its presence, hindering forensic investigations and bank security responses.
As the frequency and sophistication of ATM jackpotting attacks rise, the financial sector must remain vigilant and bolster its cybersecurity defenses. Continued collaboration between law enforcement and financial institutions is crucial to mitigating these threats and protecting consumer assets.
With ATM jackpotting evolving as a persistent threat, the importance of implementing robust security measures and maintaining awareness of emerging cyber threats cannot be overstated. The financial industry must adapt to these challenges to safeguard against future attacks.
